Commit Graph

4092 Commits

Author SHA1 Message Date
Max Laier
8d69c48be5 Link pf to the build and install:
This adds the former ports registered groups: proxy and authpf as well as
the proxy user. Make sure to run mergemaster -p in oder to complete make
installworld without errors.

This also provides the passive OS fingerprints from OpenBSD (pf.os) and an
example pf.conf.

For those who want to go without pf; it provides a NO_PF knob to make.conf.

__FreeBSD_version will be bumped soon to reflect this and to be able to
change ports accordingly.

Approved by:	bms(mentor)
2004-03-08 22:03:29 +00:00
Mark Murray
16fc3635f7 Make NULL a (void*)0 whereever possible, and fix the warnings(-Werror)
that this provokes. "Wherever possible" means "In the kernel OR NOT
C++" (implying C).

There are places where (void *) pointers are not valid, such as for
function pointers, but in the special case of (void *)0, agreement
settles on it being OK.

Most of the fixes were NULL where an integer zero was needed; many
of the fixes were NULL where ascii <nul> ('\0') was needed, and a
few were just "other".

Tested on: i386 sparc64
2004-03-05 08:10:19 +00:00
Christian Brueffer
0e9efd1904 s/considred/considered/ 2004-03-04 00:52:16 +00:00
Johan Karlsson
496ba967ae Make this WARNS=2 clean by:
- including <timeconv.h> to get _long_to_time prototype
	- removing an unused variable

Bump WARNS to it keep clean.

Approved by:	ume on ipfw@
2004-03-03 20:21:15 +00:00
Kenneth D. Merry
2a413b2918 Fix a couple of camcontrol issues that popped up on sparc64:
- bzero the CCB header in getdevtree() and set the path properly, to
   avoid having random garbage in the CCB header.
 - if the lun isn't specified in a device specifier, it should default to
   0, not whatever random data happens to be in the lun variable.
 - move the prototype for getdevtree() out from under #ifndef MINIMALISTIC,
   since it is used in both cases.

Submitted by:	Marius Strobl <marius@alchemy.franken.de> (mostly)
MFC After:	2 weeks
2004-03-03 01:51:24 +00:00
Dima Dorfman
4d90830fd8 Add CTLTYPE_QUAD to the list of types for which we don't want an empty
value.  All the other numeric types are doing it . . .
2004-03-02 05:42:52 +00:00
Max Laier
278445ba35 Add skeleton build dirs for pf userland:
libexec/ftp-proxy	- ftp proxy for pf
 sbin/pfctl		- equivalent to sbin/ipf
 sbin/pflogd		- deamon logging packets via if_pflog in pcap format
 usr.sbin/authpf	- authentification shell to modify pf rulesets

Bring along some altq headers used to satisfy pfctl/authpf compile. This
helps to keep the diff down and will make it easy to have a altq-patchset
use the full powers of pf.

Also make sure that the pf headers are installed.

This does not link anything to the build. There will be a NO_PF switch for
make.conf once pf userland is linked.

Approved by:	bms(mentor)
2004-02-28 21:50:50 +00:00
Maxim Konovalov
34ee70a6a0 o Remove obsoleted '-N' and '-d' flags. 2004-02-28 10:42:27 +00:00
Maxim Konovalov
1e581b9759 o Sync usage() with reality: add 'z' flag.
MFC after:	1 week
2004-02-28 10:22:17 +00:00
Scott Long
1660ae8795 In the case of a background fsck, periodically update the process title
with a progress update.
2004-02-28 07:50:42 +00:00
Alexander Kabaev
652d6e18bf Look for both name and if_<name> strings in module metadata. Pseudo-devices
like tun are naming their modules using the 'if_; prefix and previous version of
the code failed to detect their presence in the kernel, resulting in the same
module being loaded twice.
2004-02-27 06:43:14 +00:00
Robert Watson
1d3170aa53 Add a "-l" parameter to mdmfs so that memory file systems can be
created with the multilabel flag from inception.  This simply
passes the "-l" flag on to newfs(8).

Obtained from:	TrustedBSD Project
Sponsored by:	DARPA, McAfee Research
2004-02-26 01:15:47 +00:00
Robert Watson
ce20d788fa Add a "-l" flag to newfs, which sets the FS_MULTILABEL flag. This
permits users of newfs to set the multilabel flag on UFS1 and UFS2
file systems from inception without using tunefs.

Obtained from:	TrustedBSD Project
Sponsored by:	DARPA, McAfee Research
2004-02-26 01:14:27 +00:00
Bruce M Simpson
c39ebb1dbb Sync HEAD sources to vendor branch import of routed v2.27 from rhyolite.com.
Update <protocols/routed.h> for the MD5 changes requested in bin/35843.
Preserve local changes.

Education by:	obrien, markm, pointy-stick
PR:		bin/35843 (and doubtless others)
2004-02-25 23:45:57 +00:00
Bruce M Simpson
caa79e368e Virgin import of rhyolite.com routed v2.27 2004-02-25 23:20:22 +00:00
Bruce Evans
c014f65858 Fixed missing libraries. This unbreaks the -DNO_DYNAMIC_ROOT and
-DNOSHARED=yes cases.
2004-02-24 03:46:12 +00:00
Johan Karlsson
604d24db95 style.Makefile(5):
Use WARNS?= instead of WARNS=.
2004-02-23 20:25:27 +00:00
Pawel Jakub Dawidek
8d2d29d96f Connect gconcat(8) to the build.
Approved by:	scottl (mentor)
2004-02-23 20:06:56 +00:00
Pawel Jakub Dawidek
53ddc946b8 - Connect manual page for gconcat utility to the build.
- Fix usage.

Approved by:	scottl (mentor) (implicity)
2004-02-23 20:06:21 +00:00
Pawel Jakub Dawidek
a78bd4726b Added manual page for gconcat utility.
Approved by:	scottl (mentor) (implicity)
Reviewed by:	simon
2004-02-23 12:44:08 +00:00
Colin Percival
47c524ddd4 Report login attempts to syslog. Due to the statically-linked nature of
nologin(8), this causes a considerable (100K) increase in the binary size,
so I've added a NO_LOGIN_LOG option which disables this.

While I'm here, s/sizeof(MESSAGE)/sizeof(MESSAGE) - 1/, in order to
avoid writing the string-terminating zero byte.

No complaints from: -current
Approved by:	rwatson (mentor)
2004-02-22 10:03:24 +00:00
Jim Rees
c33f7bb853 change baduser and badgroup from -2 to 65534, 65533
these should probably be looked up instead, but this is better than before
also minor format changes for style(9)
2004-02-21 21:02:59 +00:00
Yaroslav Tykhiy
588e78c575 We can cross-reference to vlan(4) as long as
the corresponding manpage has been committed.
The rest of "vlan" words, which are refering
to the technology itself, should be capitalized.

MFC after:	1 week
2004-02-21 14:21:18 +00:00
Yaroslav Tykhiy
4742fd9891 The hardware tagging capability is set on the physical
interface that is parent to a vlan(4) interface,
not on the vlan(4) interface itself.
2004-02-21 14:11:57 +00:00
Maxime Henrion
b4089f6417 Mention that securelevel 1 also blocks access to /dev/io if it
exists (not all platforms have it).
2004-02-20 21:38:23 +00:00
Tim J. Robbins
65922d0bb2 Merge from RELENG_4 1.28.2.13: Fix saving system crash dumps larger than
2 GB by using fseeko() instead of fseek().
2004-02-20 12:22:52 +00:00
Poul-Henning Kamp
91f9647d49 s/bytes/byte/ 2004-02-19 19:53:07 +00:00
Pawel Jakub Dawidek
cc3ba4277b Add control utility for disk concatenation (GEOM_CONCAT class).
Reviewed by:	phk, scottl
Approved by:	scottl (mentor)
2004-02-19 16:02:08 +00:00
David Malone
5b24835127 Add a -n option that stops ip6fw making any changes to the rules
in the kernel.

Submitted by:	Orla McGann <orly@redbrick.dcu.ie>
MFC after:	3 weeks
2004-02-18 15:56:53 +00:00
Jim Rees
f2ebef4d07 remove dead code
Approved by:	alfred
2004-02-17 22:28:26 +00:00
Greg Lehey
c6d1415d6a Report the difference between ufs and ufs2.
Submitted by:	"Christian S.J. Peron" <maneo@bsdpro.com>
2004-02-17 08:43:05 +00:00
Greg Lehey
016ce61c93 Explain what console names are valid. 2004-02-17 04:53:47 +00:00
Greg Lehey
ffb19b1385 Recognize if the user supplies the full pathname to /dev/console and friends,
and DTRT.

Explain if he supplies a pathname that is not in /dev.
2004-02-17 04:51:06 +00:00
Tim J. Robbins
6abefb4fcd Remove unnecessary newlines from errx() arguments. 2004-02-17 02:02:18 +00:00
Lukas Ertl
cfb6a27c5d Also remove "makedev" from the online help. 2004-02-16 23:04:52 +00:00
Lukas Ertl
7ccbdc0d22 Since DEVFS is mandatory, remove all instances to make_dev*. Keep the
"makedev" command for backwards compatibility, but just print out an
informational message (this was the current behaviour, anyway) and remove
it from the documentation.

Approved by:     grog (mentor)
2004-02-16 09:23:59 +00:00
Bruce Evans
c534bd449e Support mounting ext2fs file systems with -async to the small extent
that ext2fs in the kernel supports async mounts.  ext2fs used to
effectively force the -async flag on.  -async for ext2fs only gives
async (more precisely, delayed) writes for inode updates, so it is
barely worth using even when it is safe.
2004-02-15 06:31:26 +00:00
Lukas Ertl
453d919e1d Remove unused variable and related bogus checks.
Approved by:    grog (mentor)
2004-02-14 01:13:41 +00:00
Bruce M Simpson
1922fd129e Initial import of RFC 2385 (TCP-MD5) digest support.
This is the second of two commits; bring in the userland support to finish.

Teach libipsec and setkey about the tcp-md5 class of security associations,
thus allowing administrators to add per-host keys to the SADB for use by
the tcpsignature_compute() function.

Document that a single SPI must be used until such time as the code which
adds support to the SPD to specify flows for tcp-md5 treatment is suitable
for production.

Sponsored by:	sentex.net
2004-02-11 04:34:34 +00:00
Colin Percival
1b49e5051e style cleanup: Remove duplicate $FreeBSD$ tags.
These files had tags after the copyright notice,
inside the comment block (incorrect, removed),
and outside the comment block (correct).

Approved by:	rwatson (mentor)
2004-02-10 20:48:08 +00:00
Colin Percival
3c754d8be1 style cleanup: Remove duplicate $FreeBSD$ tags.
These files had tags at the start of the file
(incorrect, removed), and after the copyright
notices (correct).

Approved by:	rwatson (mentor)
2004-02-10 20:40:17 +00:00
Tom Rhodes
ed1b9fc97a Reorder Xrefs in SEE ALSO. 2004-02-10 06:44:41 +00:00
Tom Rhodes
f00a5dbd49 Update to inform users of acls and multilabel options. Add Xrefs to the
more relevant manual pages.

PR:		62394
Submitted by:	Marc Silver <marcs@draenor.org>
2004-02-10 06:33:29 +00:00
Ian Dowse
ccdb237094 Further simplify the code for printing the message buffer:
- Ensure that the buffer ends with "\n\0" to avoid special cases
   and allow the use of strtol().
 - Use strvisx() on each complete line instead of character by
   character.

Submitted by:	bde
MFC after:	1 week
2004-02-08 23:08:53 +00:00
Ian Dowse
c8bb99e577 Certain ICMP error replies cause ping to perform a reverse DNS
lookup on an IP address from the packet (such as the IP that sent
a TTL exceeded error). If the DNS lookup takes a long time, ^C will
appear to be ineffective since the SIGINT handler just sets a flag
and returns. Work around this by exiting immediately on receipt of
a second SIGINT when DNS lookups are enabled.

PR:		bin/4696
MFC after:	1 week
2004-02-08 21:59:17 +00:00
Poul-Henning Kamp
97d2ca7830 Fix the last and most important bit of the test case to test the same
binary as the rest of it.

Add MD5 check that the md(4) device gets set up correctly.
2004-02-07 22:58:39 +00:00
Lukas Ertl
3ea53122d5 Correct order of arguments given to checkparity and rebuildparity.
Approved by: joerg (mentor)
2004-02-06 21:07:17 +00:00
Ruslan Ermilov
47d7e8a96f Fixed style of DPADD and LDADD assignments as per style.Makefile(5). 2004-02-05 22:44:25 +00:00
Ian Dowse
59f256ec35 Don't print the oldest line in the message buffer if the buffer is
full, since that line is almost always incomplete. Make the parsing
of <%d> lines more strict.

Also simplify the logic a little:
 - Start off by making the buffer linear so that we don't have to
   deal with it wrapping around (suggested by bde).
 - Process line by line rather than byte at a time.
2004-02-05 21:07:50 +00:00
Bruce Evans
ae62d94069 Fixed operation of -f to match its documentation and fsck_ffs. It
has now has no effect except in combination with -p, and plain fsck
checks all file systems instead of skipping clean ones for msdosfs
only.

Renamed the force flag to skipclean and inverted its logic as in
fsck_ffs.
2004-02-05 15:47:46 +00:00